/**
 * SessionFilter.java
 */
package org.yate.oa.controller.filter;

import java.io.IOException;
import java.io.PrintWriter;
import java.util.ArrayList;
import java.util.List;
import java.util.StringTokenizer;

import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.annotation.WebInitParam;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * @author Yate
 * @date 2013年10月10日
 * @description 会话过话器
 * @version 1.0
 */
//@WebFilter(urlPatterns = { "/*" }, initParams = {
//		@WebInitParam(name = "protect", value = "/.*,/jsp/.*"),
//		@WebInitParam(name = "public", value = "/rest/*"),
//		@WebInitParam(name = "static", value = "/css/.*,/js/.*,/images/.*,/login.jsp,/login/post") })
public class SessionFilter extends BaseFilter {
	private List<String> filters = new ArrayList<String>();
	private List<String> noFilters = new ArrayList<String>();
	private List<String> authFilters = new ArrayList<String>();

	public void destroy() {
		this.filters.clear();
		this.noFilters.clear();
		this.authFilters.clear();
	}

	@Override
	public void doFilter(ServletRequest request, ServletResponse response,
			FilterChain chain) throws IOException, ServletException {
		final HttpServletRequest req = (HttpServletRequest) request;
		final HttpServletResponse resp = (HttpServletResponse) response;
		final String path = req.getServletPath();
		req.setCharacterEncoding("UTF-8");
		resp.setCharacterEncoding("UTF-8");
		for (String t : noFilters) {
			if (path.matches(t)) {
				chain.doFilter(request, response);
				return;
			}
		}

		for (String t : filters) {
			if (path.indexOf("/rest") != -1) {
				continue;
			}
			if (path.matches(t)
					&& req.getSession().getAttribute("user") == null) {
				if (req.getHeader("x-requested-with") != null
						&& req.getHeader("x-requested-with").equalsIgnoreCase(
								"XMLHttpRequest")) {
					resp.addHeader("sessionstatus", "timeout");
					PrintWriter out = resp.getWriter();
					out.print("timeout");
					out.flush();
					out.close();
				} else {
					PrintWriter out = resp.getWriter();
					out.println("<html>");
					out.println("<script>");
					out.println("window.open ('" + req.getContextPath()
							+ "/login.jsp','_top')");
					out.println("</script>");
					out.println("</html>");
				}
				return;
			} else {
				chain.doFilter(request, response);
				return;
			}

		}

	}

	public void init(FilterConfig filterConfig) throws ServletException {
		String value = filterConfig.getInitParameter("protect");
		if (value != null) {
			StringTokenizer st = new StringTokenizer(value.trim(), ",");
			while (st.hasMoreTokens()) {
				filters.add(st.nextToken());
			}
		}

		value = filterConfig.getInitParameter("public");
		if (value != null) {
			StringTokenizer st = new StringTokenizer(value.trim(), ",");
			while (st.hasMoreTokens()) {
				authFilters.add(st.nextToken());
			}
		}

		value = filterConfig.getInitParameter("static");
		if (value != null) {
			StringTokenizer st = new StringTokenizer(value.trim(), ",");
			while (st.hasMoreTokens()) {
				noFilters.add(st.nextToken());
			}
		}

	}
}
